Iron Mountain Jobs

About us News & events Investors Support Login
look at our history <a href="https://www.youtube.com/watch?v=_xXgAGTtM6I" target="_blank"> here </a>.</p><p></p><p> Iron Mountain
cs. Please see our <a href="https://www.ironmountain.com/about-us/values" target="_blank"> Values </a> and <a href="https://www.ironmountain.com/about-us/global-procurement/prospective-supplier-information/guidelines-for-suppliers/standards#:~:text=We%20insist%20on%20honesty%2C%20integrity,with%20whom%20we%20do%20business." target="_blank"> Code of Ethics </a> for a look at our
y Policy Statement, <a href="https://www.dol.gov/agencies/ofccp/posters">CLICK HERE</a><br><br><strong>Requisition:</strong> J00

Job Information

Iron Mountain IT Compliance Lead in Boston, Massachusetts

At Iron Mountain we know that work, when done well, makes a positive impact for our customers, our employees, and our planet. That’s why we need smart, committed people to join us. Whether you’re looking to start your career or make a change, talk to us and see how you can elevate the power of your work at Iron Mountain.

We provide expert, sustainable solutions in records and information management, digital transformation services, data centers, asset lifecycle management, and fine art storage, handling, and logistics. We proudly partner every day with our 225,000 customers around the world to preserve their invaluable artifacts, extract more from their inventory, and protect their data privacy in innovative and socially responsible ways.

Are you curious about being part of our growth stor​y while evolving your skills in a culture that will welcome your unique contributions? If so, let's start the conversation.

Role: IT Compliance Lead

Remote Role - EST time zone preferred

IRM technology organization is in search of a highly skilled and motivated IT Compliance Lead to guarantee our technology teams operate at “Optimized” CMMI Maturity level and have best solutions in place in meeting compliance audit requirements of ISO , SOX, SOC2, PCI, HIPAA etc.

The ideal candidate will be professional, highly-analytical, technical, risk management and possess excellent written and verbal communication skills. To prosper in this role, you should have a strong audit background and be fluent in IT best practices, process, and have a good knowledge of various technology implementations and their significance. Additionally you should be comfortable being collaborative and sharing your knowledge, in a relatable and understandable way, with IT team members responsible for supporting each of these audit types.

Core Experience / Responsibilities

  • 6-8 years’ proven experience as a IT compliance lead role in

  • Evaluating how an organization/IT follows their own processes and policies and in adherence to various laws and regulations globally to identify possible weaknesses or risks.

  • Initiating and or revising IT process and policies to meet the standards / controls of an industry recognized audit (such as ISO , SOX, SOC2, PCI, HIPAA) and highest CMMI level

  • Establishing a governance and adherence framework to IT processes and policies compliance

  • Creating and managing effective action plans in response to audit discoveries and compliance violations

  • Collaborating with technology/architect and internal audit team in implementing IT compliance governance/controls where applicable

  • Implementing, utilizing, and maintaining audit monitoring platforms such as AuditBoard

  • Implementing, utilizing and maintaining contemporary frameworks on process, policies and governance

  • Accountable to continuous compliance and continuous improvement

  • Leading audits of information technology systems and information security processes. i.e. program manage projects associated with audit discoveries and compliance violations (evaluated, investigated and resolved). Provide technology management on the operation and progress of compliance efforts.

  • Leading IT compliance areas such as ITIL (implementation reviews, project assurance etc), privileged user access deficiencies, data sharing, malware protection, monitoring, disaster recovery compliance etc

  • Supporting execution of the global Sarbanes Oxley testing program, including walkthroughs, testing controls, and working with our external auditors. SOX testing scope covers areas such as: automated controls, access rights, one time only controls, and IT general controls (ITGCs) among others.

  • Assisting in the annual SOX financial statement mapping, risk assessment, and scoping process.

  • Providing roll up reporting applicable to management through executives

  • Comfortable and confident interacting with external auditors and leadership at varying levels.

Lead Experience

  • As a lead, demonstrate leadership ability in all aspects of the process and governance life-cycle.

  • Enthusiastic about working with cross-functional teams and feel ownership over the success of IT compliance mindset.

  • Working expertise in a collaborative environment and promoting a teamwork mentality

  • Managerial experience applying analytical thinking and problem-solving skills

  • Situationally Aware - Must be the first to notice IT process and compliance differences and issues as they arise and elevate them to management

  • Innovative - identify areas of opportunity to tighten processes, make tool enhancements to support a positive outcome when our teams are providing evidence of control against quarterly and annual examinations

  • Collaborative - understand that not all team members have a detailed understanding of audits / examinations / and control definitions. Use this understanding as an opportunity to help hone SOP’s and a shared understanding of what is needed to be successful.

  • Conflict resolution - Must be able to facilitate IT compliance discussion and facilitate alternatives or different approaches.

  • Strong sense of personal accountability regarding decision-making and collaborating with technology teams

  • Relevant professional certification (CIA, CISA, CPA, CA, ACCA) is good to have. Bachelor's degree in relevant field required

  • 5+ years of relevant experience in System Implementation reviews, SOX / IT internal controls, internal audit, corporate accounting, public accounting (Big 4 preferred ), etc.

  • Working knowledge of Sarbanes-Oxley Act of 2002, Section 404, including a strong understanding of IT general controls.

  • This role requires that the individual work independently and to independently lead and execute audits (whether IT, Integrated, or SOX).

Reasonably expected salary range: $101,700.00 - $135,600.00

Category: Risk Management

Iron Mountain is a global leader in storage and information management services trusted by more than 225,000 organizations in 60 countries. We safeguard billions of our customers’ assets, including critical business information, highly sensitive data, and invaluable cultural and historic artifacts. Take a look at our history here.

Iron Mountain helps lower cost and risk, comply with regulations, recover from disaster, and enable digital and sustainable solutions, whether in information management, digital transformation, secure storage and destruction, data center operations, cloud services, or art storage and logistics. Please see our Values and Code of Ethics for a look at our principles and aspirations in elevating the power of our work together.

If you have a physical or mental disability that requires special accommodations, please let us know by sending an email to accommodationrequest@ironmountain.com. See the Supplement to learn more about Equal Employment Opportunity.

Iron Mountain is committed to a policy of equal employment opportunity. We recruit and hire applicants without regard to race, color, religion, sex (including pregnancy), national origin, disability, age, sexual orientation, veteran status, genetic information, gender identity, gender expression, or any other factor prohibited by law.

To view the Equal Employment Opportunity is the Law posters and the supplement, as well as the Pay Transparency Policy Statement, CLICK HERE

Requisition: J0078641

DirectEmployers